Alec,
Thanks for helping me get up and running with the enigma plugin and for pointing me to the previously existing work on an SMIME plugin.
For those of you who don't know and are interested, I'm a Master's Candidate and I'm implementing S/MIME in the enigma plugin for an independent study this semester.
So far I have implemented the following features:
- Import PKCS#12 certificate store (password protected)
- Pub cert, priv key, any additional certs contained in the store
treated as CA certs. - create a hashed directory of CA certs
- Verify S/MIME signatures (pkcs7-signatures .p7s)
- Decrypt S/MIME encrypted emails
- Decrypt and verify signed then encrypted emails
Features that are not yet complete:
- Encrypt only outgoing
- Add menu option to Compose Window
- Sign only outgoing (clear signing)
- Add menu option to Compose window
- Encrypt then Sign
- Sign then Encrypt
- List certs/details from settings view
- Verify pkcs7-mime (.p7m) signed emails
- Generate CSR
- Handle CRL's (.p7c)
Modifications are available at github.com/guitarmanusa/roundcubemail in a branch called enigma-smime-dev.
On 03/24/2016 10:07 PM, Kyle Francis wrote:
Modifications are available at github.com/guitarmanusa/roundcubemail in a branch called enigma-smime-dev.
It's great to see your progress. However, you didn't fork our repository and I don't see a simple way to compare both, i.e. to see all your changes in one diff. Now it might be not so hard as all your commits are in one go, but when you merge some upstream changes it will become harder.
Also, I see some commits that fix some issues in existing pgp-related code. Could you create PRs for them separately? It would be simpler to merge them separately and the rest when you finish with S/MIME.
Fork completed and commits re-added. Thanks for getting me squared away. I hope I did it right and that makes it easier for you.
Looking back on it I think the only GPG related change I made was that I had to extend the decrypt() method abstract in enigma_engine.php so I had to change the decrypt() function definition in enigma_driver_gnupg.php. But that should be all. I'll include that in the PR that I do when I get everything up and running with SMIME.
-Kyle
On 2016-03-25 08:08, Kyle Francis wrote:
My apologies. This is my first time working with someone else's repo. I'll go ahead and delete my repo, then fork. This will give me a chance to reorganize my commits too, as they were rather sporadic. I'll let you when that's done. If any of my gpg related changes are still valid I'll submit a PR as well.
-Kyle _______________________________________________ Roundcube Development discussion mailing list dev@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/dev
On 03/24/2016 10:07 PM, Kyle Francis wrote:
Modifications are available at github.com/guitarmanusa/roundcubemail in a branch called enigma-smime-dev.
Hi Kyle!
What is the status of your work on S/MIME. I see in the repo that work stopped in March, but on the other hand I see on the list that you still have been working on this in May.
It would be great to have this in Roundcube 1.3. I could help with that.
Hello!
Did Alec gave you my texts on S/MIME which I sent him earlier? Everything works for me. But I didn't use the Enigma.
Best regards, Vladimir
Kyle Francis писал 2016-08-23 14:14:
Hey Alec,
I switched gears at the end of May to working on the hybrid decryption.
For SMIME, I just have some key management tasks to finish up. I'm also having a bigger issue that I think is an issue with the php openssl commands. When encrypting an outgoing email, on most emails encrypting with the senders certificate is unable to be decrypted with the senders certificate. For example, when sending I am encrypting with the senders certificate and with the certificates of all the recipients. The resulting email can be decrypted in Thunderbird/enigmail and openssl via the command prompt, but when I go to the sent folder in roundcube the email is unable to be decrypted. Openssl also gives an error about invalid formatting. I can send the exact error when I get back to my workstation.
The certificate in question is valid for encrypting. And some shorter emails encrypt/decrypt successfully. From my testing it appears as though it's a bug with the php function openssl_pkcs7_encrypt() but any troubleshooting ideas would be appreciated.
I will try to send later today the exact errors I'm receiving and examples of emails that do and do not encrypt/decrypt correctly.
-Kyle _______________________________________________ Roundcube Development discussion mailing list dev@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/dev
Kyle,
I didn't even know that it was laid out somewhere. "vgo" - it really my nic. But this plugin requires adding of several hooks in RC. Therefore I was surprised that it somewhere is available.
During its writing there were difficulties with php openssl. Therefore in some places my text can be the strange.
I am not engaged in this task since January and already forgot everything. But if you have questions, I will try to recall.
In that text there were several minor errors which were corrected later.
Best regards, Vladimir
Kyle Francis писал 2016-08-23 14:51:
Vladimir,
I believe so, that was the vgo plugin? I'll take a look at where you handle encryption. Thanks.
Kyle
On Aug 23, 2016 7:27 AM, Владимир Горпенко vgo@stels.ru wrote:
Hello!
Did Alec gave you my texts on S/MIME which I sent him earlier? Everything works for me. But I didn't use the Enigma.
Best regards, Vladimir
Kyle Francis писал 2016-08-23 14:14:
Hey Alec,
I switched gears at the end of May to working on the hybrid decryption.
For SMIME, I just have some key management tasks to finish up. I'm also having a bigger issue that I think is an issue with the php openssl commands. When encrypting an outgoing email, on most emails encrypting with the senders certificate is unable to be decrypted with the senders certificate. For example, when sending I am encrypting with the senders certificate and with the certificates of all the recipients. The resulting email can be decrypted in Thunderbird/enigmail and openssl via the command prompt, but when I go to the sent folder in roundcube the email is unable to be decrypted. Openssl also gives an error about invalid formatting. I can send the exact error when I get back to my workstation.
The certificate in question is valid for encrypting. And some shorter emails encrypt/decrypt successfully. From my testing it appears as though it's a bug with the php function openssl_pkcs7_encrypt() but any troubleshooting ideas would be appreciated.
I will try to send later today the exact errors I'm receiving and examples of emails that do and do not encrypt/decrypt correctly.
-Kyle _______________________________________________ Roundcube Development discussion mailing list dev@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/dev
Roundcube Development discussion mailing list dev@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/dev
-
A.L.E.C -
Kyle Francis -
Владимир Г орпенко